﻿using System.Web.Mvc;
using rosata.Areas.Admin.Controllers;
using rosata.Providers.Session;

namespace rosata.Areas.Admin.Filters
{
    public class CheckAdminFilter : FilterAttribute, IAuthorizationFilter
    {
        private readonly IUserSessionProvider _userSessionProvider;
        private readonly IndexController _indexAdminController;

        public CheckAdminFilter(): this(new UserSessionValuesInHttpContext())
        {

        }

        public CheckAdminFilter(IUserSessionProvider userSessionProvider)
        {
            _userSessionProvider = userSessionProvider;
            _indexAdminController = new IndexController(_userSessionProvider);
        }

        public void OnAuthorization(AuthorizationContext filterContext)
        {
            //se non siamo utente amministratore, allora facciamo fara il redirect alla 
            if (!_userSessionProvider.IsAdminSession())
                filterContext.Result = _indexAdminController.Login();
        }
    }
}